[vpnc-devel] vpnc: Restore previous DNS settings when disconnected?

Edward Mendelson em36 at columbia.edu
Thu May 5 00:45:36 CEST 2005


Thomas,

PROBLEM SOLVED! Your scripts work perfectly if I *remove* resolvconf 
from the system! Resolvconf is NOT part of the default Ubuntu 
installation. I installed it via the Ubuntu package manager because I 
thought it could help solve the problem with dns. But your scripts solve 
the problem IF resolvconf is NOT installed.

To make this more clear:

The Ubuntu versions of vpnc-connect and vpnc-disconnect do NOT add the 
correct nameserver information when connecting or disconnecting tothe 
VPN. Your scripts work perfectly if resolvconf is NOT present.

Does this help with plans for a fixed version?

Thank you again for those scripts. They solved this problem perfectly.

Edward

Thomas Bettler wrote:
> This looks as Ubuntu is doing something the wrong way. The only question is:
> Which part is behaving wrong?
> A. Is everything correct with resolvconf(8)?
> 
> B. Might there be an bug in the vpnc scripts they provide?
> -> If yes, 
>  C. which one? Do I have the same bug in mine config scripts?
> (Though not occurring, since my gentoo box is without resolvconf(8))
> 
> To analyze theese question I propose the following steps:
> 
> 1. Please try to connect with the patched scripts I attached in a former mail 
> and report what's going on...
> 
> We'll look for further steps later on... *busy right now, thinking*
> 
> Greetings
> Thomas
> 
> Am Mittwoch 04 Mai 2005 23:38 schrieb Edward Mendelson:
> 
>>Hello Thomas,
>>
>>OK - hope this is what you asked for. First (between the dashed lines),
>>the text of resolv.conf BEFORE running vpnc:
>>
>>-------------------------------------------
>>domain columbia.edu
>>nameserver 192.168.11.1
>>-------------------------------------------
>>
>>Next, the text of resolv.conf after running the ubuntu vpnc-connect script:
>>
>>-------------------------------------------
>># Dynamic resolv.conf(5) file for glibc resolver(3) generated by
>>resolvconf(8)
>>#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
>>nameserver 155.40.34.136
>>nameserver 155.40.34.99
>>search media.ziffdavis.com
>>--------------------------------------------
>>
>>Finally, the text of resolv.conf after running ubuntu's vpnc-disconnect:
>>
>>---------------------------------------------
>># Dynamic resolv.conf(5) file for glibc resolver(3) generated by
>>resolvconf(8)
>>#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
>>----------------------------------------------
>>
>>There were no error messages, but of course I can only connect to remote
>>sites by using numeric IP addresses. If I copy a backup resolv.conf file
>>over the autogenerated one, I can connect again to the web.
>>
>>Is any of this useful? Is there something that I should be doing that I
>>am not doing?
>>
>>Thank you again!
>>
>>Edward
>>
>>Thomas Bettler wrote:
>>
>>>The scripts in Ubuntu work the same way as mine. But I've never tested it
>>>on a debian box (meaning one with resolvconf(8))
>>>
>>>That I can help you, I have to know several things....
>>>
>>>1.  Attach /etc/resolv.conf _before connecting_
>>>2. connect with your Ubuntu scripts
>>>3. Attach /etc/resolv.conf
>>>4. disconnect
>>>5. Attach /etc/resolv.conf
>>>
>>>Paste any error messages you may get.
>>>
>>>Thomas
>>>
>>>Am Mittwoch 04 Mai 2005 15:52 schrieb Edward Mendelson:
>>>
>>>>Hi Thomas,
>>>>
>>>>First, the bad news. The patched version of vpnc-disconnect did not
>>>>restore resolv.conf correctly; after disconnecting, resolv.conf had no
>>>>routing data in it, only these two lines:
>>>>
>>>># Dynamic resolv.conf(5) file for glibc resolver(3) generated by
>>>>resolvconf(8)
>>>>#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
>>>>
>>>>I've attached the Ubuntu versions of the scripts. And I'm very, very
>>>>grateful for your efforts with this!
>>>>
>>>>Edward
>>>>
>>>>Thomas Bettler wrote:
>>>>
>>>>>Hi Edward
>>>>>
>>>>>1. I propose you to use the patched scripts (attached).
>>>>>I won't promise you anything, but I think that should work on your
>>>>>Ubuntu box too. Just try it and report errors or success.
>>>>>
>>>>>2. and attach the Ubuntu version of these two scripts. Well see how they
>>>>>are patched...
>>>>>
>>>>>3. Could you please report the output of "which resolvconf"
>>>>>This indicates whether and where there is the executable resolvconf,
>>>>>which is quite important for the patched version.
>>>>>
>>>>>Don't hesitate to ask what you don't know. I'm neither a hacker, just a
>>>>>user doing minimal scripting to improve things.
>>>>>
>>>>>Greetz
>>>>>Thomas
>>>>>
>>>>>Am Mittwoch 04 Mai 2005 03:14 schrieb Edward Mendelson:
>>>>>
>>>>>>Hello Thomas,
>>>>>>
>>>>>>Many thanks for this! Unfortunately, I'm too much of a beginner to make
>>>>>>this work on the Ubuntu version. In the patch file, I changed
>>>>>>/usr/bin/vpnc-connect (etc.) to Ubuntu's /usr/sbin/vpnc-connect (etc.),
>>>>>>and ran patch -p0 < yourpatchfile (I've never patched a file in Linux
>>>>>>before, so please be patient with my stupidity if this is all wrong),
>>>>>>but I got various error messages, some of them because Ubuntu does not
>>>>>>have /var/run/vpnc/tundev (when the VPN is running, it only has
>>>>>>defaultroute, dev, gateway, and pid). The patch got applied, however,
>>>>>>with error messages, but the resulting file produced an error message
>>>>>>about tundev, and did not restore the older settings in resolv.conf.
>>>>>>
>>>>>>Is there any chance that someone with much more knowledge than I have
>>>>>>would be willing to test this under Ubuntu and suggest the needed
>>>>>>changes?
>>>>>>
>>>>>>I am sorry to waste bandwidth with my own ignorance, but vpnc is so
>>>>>>much better than the Cisco client that I very much want to have this
>>>>>>patch added.
>>>>>>
>>>>>>Thank you again,
>>>>>>
>>>>>>Edward
>>>>>>
>>>>>>Thomas Bettler wrote:
>>>>>>
>>>>>>>Hi Edward
>>>>>>>
>>>>>>>Apply my DNS patch. It handles new DNS settings on connect and
>>>>>>>restores the old ones on disconnect. Here you are.
>>>>>>>
>>>>>>>Maurice: Might it get integrated, or is there missing any feature or
>>>>>>>anything? - Let me know, so that I can hack on ... until it gets fine.
>>>>>>>
>>>>>>>@everybody: Please send me some feedback and any bugs. Especially I'd
>>>>>>>like to know if it works fine with resolvconf (since I use the other
>>>>>>>solution).
>>>>>>>
>>>>>>>Thanks
>>>>>>>Thomas
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>----------------------------------------------------------------------
>>>>>>>--
>>>>>>>
>>>>>>>_______________________________________________
>>>>>>>vpnc-devel mailing list
>>>>>>>vpnc-devel at unix-ag.uni-kl.de
>>>>>>>http://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
>>>>>>>http://www.unix-ag.uni-kl.de/~massar/vpnc/
>>
>>_______________________________________________
>>vpnc-devel mailing list
>>vpnc-devel at unix-ag.uni-kl.de
>>http://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
>>http://www.unix-ag.uni-kl.de/~massar/vpnc/
> 
> 


More information about the vpnc-devel mailing list